This package creates an auto-expiring single-use 6 digit token, which you can send it (can be SMS, email, slack, etc ) to your users and they can login into their account with that token by just sending it back to an endpoint, which is also provided out of the box.
Exactly like alternate login method in Instagram.
You have complete control on how things will happen and you are free to swap the default implementations with your own.
composer require imanghafoori/laravel-tokenize-login
Then publish the config file:
php artisan vendor:publish
Basically, this package introduces 2 endpoints, which you can send requests to them.
- The first one is to generate and send the token to the user
POST '/tokenized-login/[email protected]'
- The second one accepts the token and authoenticates the user if the token was valid.
POST '/tokenized-login/[email protected]'
Note: If you are not happy with the shape if the urls, you are free to cancel these out, and redefine them where ever you want. you can take a look at the source code to find the controllers they refer to.
To disable the default routes you may set: 'use_default_routes' => false,
in the tokenized_login config file.
You can do a lot of customization and swap the default classes, with your own altenatives since we use the larave-smart-facade package. Visit the config file to see what you can change.
If you want to swap the default implementations behind the facades with your own, you can do it within the boot
method of any service provider class like this :
/**
* The life time of tokens in seconds.
*/
'token_ttl' => 120,
/**
* The rules to validate the the receiver address.
* Usually it is an email address, but maybe a phone number.
*/
'address_validation_rules' => ['required', 'email'],
/**
* Here you determine if you are ok with using the routes
* defined within the package or you want to define them.
*/
'use_default_routes' => true,
/**
* Here you can specify the middlewares to be applied on
* the routes, which the package has provided for you.
*/
'route_middlewares' => ['api'],
/**
* You can define a prefix for the urls to avoid conflicts.
* Note: the prefix should NOT end in a slash / character.
*/
'route_prefix_url' => '/tokenized-login',
/**
* Notification class used to send the token.
* You may define your own token sender class.
*/
'token_sender' => \Imanghafoori\TokenizedLogin\TokenSender::class,
/**
* You can change the way you generate the token by define you own class.
*/
'token_generator' => \Imanghafoori\TokenizedLogin\TokenGenerators\TokenGenerator::class,
/**
* You can extend Responses class and override
* it's methods, to define your own responses.
*/
'responses' => \Imanghafoori\TokenizedLogin\Http\Responses\Responses::class,
/**
* You can change the way you fetch the user from your database
* by defining a custom user provider class, and set it here.
*/
'user_provider' => \Imanghafoori\TokenizedLogin\UserProvider::class,
/**
* You may provide a middleware to throttle the
* requesting and submission of the tokens.
*/
'throttler_middleware' => 'throttle:3,1',
All the facades have a shouldProxyTo
method which you can call, but remember not to do it within the register
method, but only in boot
.
If you find an issue, or have a better way to do something, feel free to open an issue or a pull request. If you use laravel-widgetize in your open source project, create a pull request to provide it's url as a sample application in the README.md file.
If you discover any security related issues, please use the security tab
instead of using the issue tracker.
As always if you found this package useful and you want to encourage us to maintain and work on it. Just press the star button to declare your willing.
๐ You can put middleware on any method calls.
๐ It allows to write expressive code to authorize, validate and authenticate.
๐ A minimal yet powerful package to give you opportunity to refactor your controllers.